Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-922-1 | linux security update |
![]() |
EUVD-2016-1385 | Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c. |
![]() |
USN-3422-1 | Linux kernel vulnerabilities |
![]() |
USN-3422-2 | Linux kernel (Trusty HWE) vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: google_android
Published:
Updated: 2024-08-06T03:14:42.877Z
Reserved: 2017-02-04T00:00:00
Link: CVE-2016-10200

No data.

Status : Deferred
Published: 2017-03-07T21:59:00.153
Modified: 2025-04-20T01:37:25.860
Link: CVE-2016-10200


No data.